Hosting Moodle on AWS
This repository provides set of CloudFormation nested templates that deploy a highly available, elastic, and scalable Moodle 4.1+ environment on AWS. Moodle offers a learning platform that provides educators, administrators and learners a single robust, secure and integrated system for personalized learning environment.
These nested templates can be used to deploy Moodle on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Aurora, Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS CloudFormation in yaml format.
This architecture is expansive enough to meet the needs of large institutions / organizations. Smaller organizations can choose to run a subset of the template to meet their needs. These templates can also be run individually and may be modified.
This template currently uses Moodle 4.1+ stable version downloaded directly from download.moodle.org. Details for downloading are available in the templates/03-pipelinehelper.yaml template file.
Read the reference architecture and the steps below to understand the deployment scope and options. While following the steps and guidelines to deploy Moodle 4.x, pay careful attention to the parameters and their descriptions.
- Select an AWS Region (for example: us-east-1) for your deployment.
- Give a meaningful
Stack Namethat does
special charactersincluding hyphen(-) Eg: MoodleDevDeploy OR MoodleProd
- If you plan to use HTTPS, you must create or import your certificate into Amazon Certificate Manager (ACM) and provide its ARN when deploying the CloudFormation stack.
- Alternatively, if you plan to use an SSL Certificate with Amazon CloudFront, you must create or import your certificate into Amazon Certificate Manager in the us-east-1 region before launching Moodle and provide it's ARN when deploying the CloudFormation stack.
Deploy the 00-main.yaml stack. You can also click the
Launch Stackbutton below to launch the stack in your logged-in AWS Account.
After the stack deployment completes, you will see a
DNS Nameentry under the
Outputstab under the main CloudFormation template. This DNS Name value will be your Moodle app URL. You can configure aliases or CNAMEs to point to this DNS Name if you want to customize this.
Navigate to the Moodle application URL to complete the installation.
NOTE: You may encounter a 504 Gateway Timeout or CloudFront error on the final step of the Moodle application installation wizard (after configuring the administrator password). You can safely ignore this error and refresh the page to complete the installation.
You may also see "Installation must be finished from the original IP address, sorry." If this is the case, update your database and set the
lastipfield of the
mdl_usertable to the internal IP address of your Application Load Balancer which can be found under the
Network Interfacessection of the
EC2section of the AWS Console. To update the value in the database, run these commands on the EC2 web server:
psql -h <hostname> -U<Username> update mdl_user set lastip='<ip address>';
Once the Moodle installation wizard completes successfully, you need to update the value of the SSM Parameter
- In your main
Outputstab to see parameter
IsMoodleSetupCompleted. Click the link under
Valueto get details of the parameter.
- Edit the parameter and change the value to
- Go back to
Outputstab to see link for
MoodleCodePipeline. Click on the link to open Code Pipeline. Click on the
Release Changebutton. This will re-run the deployment pipeline and update the Moodle configurations post-installation, in order to adjust the auto-scaling configuration and the session cache configuration.
- In your main
This template can optionally deploy Amazon ElastiCache as the Moodle Session and/or Application cache(s). When this feature is activated, you still need to configure the Application Cache within Moodle after deployment (see how-to guide). The cache endpoint is listed under the CloudFormation
NOTE: To connect to your EC2 web servers, select an EC2 Instance and click on the
Connect button in the AWS Console. Open the
Session Manager tab and click on the
Connect button. Note that this feature uses the AWS SSM Agent that is installed on the instances, allowing you to connect to EC2 Instances without opening the SSH port to Internet traffic. An alternative approach to connect to your instances would be to enable the bastion host through the CloudFormation stack parameters.
Launch the CloudFormation Template
You can launch this CloudFormation template in different AWS Regions. Below are links to help you get started quickly, but note that you can always change the region yourself once you are in the AWS Console.
The following sections describe the architecture and its components. This architecture uses a similar approach to the one used in the WordPress Reference Architecture.
AWS Certificate Manager
AWS Certificate Manager lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services. You should use SSL/TLS to protect data in transit, including sessions and passwords. If you plan to use SSL/TLS, you must create or import a certificate using AWS Certificate Manager before you deploy the template. In addition, if wish to use CloudFront and host Moodle in a region other than us-east-1, you must create or import the certificate in both us-east-1 and the region you are hosting Moodle in. CloudFront requires certificates in the us-east-1 region.
Application Load Balancer
The Application Load Balancer distributes incoming application traffic across multiple EC2 instances in multiple Availability Zones. You achieve high availability by clustering multiple Moodle servers behind this load balancer. You can review Moodle's overview of Server Clustering before proceeding.
Amazon EC2 Auto Scaling helps ensure that the appropriate number of Amazon EC2 instances are available to handle the load of the application. The template configures autoscaling based on CPU utilization. An additional instance is added when the average CPU utilization exceeds 75% for three minutes and removed when the average CPU utilization is less than 25% for three minutes. Based on the instance type, cache configuration, and other factors, you may find that other metrics are better predictors of load. You can change the metrics to better meet your operational needs.
Note: that the installation wizard causes spikes in CPU that could cause the cluster to scale unexpectedly. To avoid an issue with this during installation, initial deployment starts with minimum and maximum autoscaling values of 1. Once you complete the Moodle installation wizard, update the SSM parameter
IsMoodleSetupCompleted and run the Moodle pipeline, the minimum and maximum autoscaling values will be updated according to your parameters.
Amazon Elastic File System (EFS)
Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage in the AWS Cloud. Using EFS makes Moodle operations and management (shared files, updates, patches, etc.) easier. However, Moodle performance may suffer when the application code itself is run from mounted volumes like EFS. Moodle recommends
dirroot to be on local or high-performance storage. This template follows that recommendation, and uses a combination of Elastic Block Storage (EBS) and EFS for storage. Each web server in the Moodle Cluster employs the following directory structure:
$CFG->dirroot = '/var/www/moodle/html' #Stored on root EBS volume $CFG->localcachedir = '/var/www/moodle/local' #Stored on root EBS volume $CFG->dataroot = '/var/www/moodle/data' #Stored on shared EFS filesystem $CFG->cachedir = '/var/www/moodle/cache' #Stored on shared EFS filesystem $CFG->tempdir = '/var/www/moodle/temp' #Stored on shared EFS filesystem
With elastic throughput type, Amazon EFS automatically scales throughput performance up or down to meet the needs of your workload activity. You don't need to specify or provision the throughput capacity to meet your application needs.
*Moodle recommends the
dirroot be set as read only for the apache process in a clustered environment [Reference]. You should not install plugins to a server cluster from the admin page.
Moodle recommends manually installing plugins on each server during planned maintenance. To follow the infrastructure-as-code methodology, installation/upgrade of plugins can be managed using AWS CodePipeline scripts. See the
.pipeline folder inside your AWS CodeCommit Moodle repository.
This CloudFormation templates use AWS Services to create a CI/CD pipeline to help manage your Moodle environment. AWS CodeCommit will host a git repository for your Moodle environment. It initially pulls the source from download.moodle.org.. It also adds files required to automate the deployment pipeline. You can explore these files under the
This template also creates an AWS CodePipeline configuration that build artifacts to deploy on EC2 with autoscaling groups using AWS CodeBuild and AWS CodeDeploy. It can optionally support a BLUE_GREEN deployment.
You can customize the overall pipeline for your Moodle setup.
AWS Systems Manager - Parameter Store
This template also uses the Parameter Store to host Moodle environment configurations parameters like the database endpoint, the database credentials, the application and session cache endpoints, etc. This allows easy management of these configuration parameters. You can change these parameters and refresh your deployment to quickly implement them.
Caching can have a dramatic impact on Moodle's performance. This template configures various forms of caching including OPcache, CloudFront and ElastiCache.
PHP OPcache speeds up PHP execution by caching precompiled scripts in memory. This template configures OPcache as described here.
Amazon ElastiCache for
Memcached is a Memcached-compatible in-memory key-value store service that can be used as a cache or a data store. Moodle recommends that you
don't use the same memcached server for both sessions and MUC Refer. Events triggering MUC caches to be purged leads to MUC purging the memcached server]. This template configures two ElastiCache clusters, one for session caching and one for application caching.
This template also allows you to create
Amazon ElastiCache for Redis as Redis compatible in-memory key-value store service that can be used as a cache or a data store.
Moodle recommends that you store user sessions in one shared memcached server. The template configures session caching as described here.
Note: This template doesn't configure the Session Cache during initial deployment. It waits for you to finish the initial Moodle installation wizard and update the Parameter
IsMoodleSetupCompleted value to
Yes in the SSM Parameter Store. Once the installation is completed, you need to run the Moodle pipeline to enable session caching and finalize the other remaining configuration.
The template deploys an ElastiCache cluster for application caching,
but the application caching must be configured after the Moodle installation is completed. You can configure memcached or Redis by filling in the auto-discovery endpoint to the list of Servers under both Store Configuration and Enable Clustered Servers (see image below). You can find the
ApplicationCacheServerEndpoint address in the
Outputs of the CloudFormation stack. Finally, scroll to the bottom of the caching administration page in Moodle and set ElastiCache as the default store for application caching.
Amazon CloudFront is a global content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to your viewers with low latency and high transfer speeds. It also helps in caching content closer to user's geography and reduces loads on the web servers.
Amazon Route 53
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) service. The template will optionally configure a Route53 alias that points to either the Application Load Balancer or CloudFront. If you are using another DNS system, you should create a CNAME record in your DNS system to reference either the Application Load Balancer or CloudFront (if deployed). If you don't have access to DNS you can leave Domain Name blank and the template will configure Moodle to use the auto-generated Application Load Balancer domain name.
This library is licensed under the Apache 2.0 License.
- Moodle is licensed under the General Public License (GPLv3 or later) from the Free Software Foundation.
- OPcache is licensed under PHP License, version 3.01.
Please see LICENSE for applicable license terms and NOTICE for applicable notices.